CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-33896
https://notcve.org/view.php?id=CVE-2021-33896
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. Dino versiones 0.1.2 y 0.2.x anteriores a 0.2.1, permite un Salto de Directorio (sólo para la creación de nuevos archivos) por medio de separadores de ruta codificadas por URI • http://www.openwall.com/lists/oss-security/2021/06/07/2 https://dino.im/blog https://dino.im/security/cve-2021-33896 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ODN4ZSTBYIW25DO3FNRK6FQRGSYGT57I https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P55V3TVSVXREOJAJRXNUSBEUZFOU54V3 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1CVE-2021-30528 – Chrome Sandbox Escape
https://notcve.org/view.php?id=CVE-2021-30528
Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebAuthentication en Google Chrome en Android anterior a versión 91.0.4472.77, permitía a un atacante remoto que ha comprometido el proceso de renderización de un usuario que ha guardado una tarjeta de crédito en su cuenta de Google explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • http://packetstormsecurity.com/files/172844/Chrome-Sandbox-Escape.html https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html https://crbug.com/1206329 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54 https://security.gentoo.org/glsa/202107-06 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-30520
https://notcve.org/view.php?id=CVE-2021-30520
Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Tab Strip de Google Chrome versiones anteriores a 90.0.4430.212, permitió a un atacante que convencía a un usuario de instalar una extensión maliciosa para explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html https://crbug.com/1193362 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54 https://security.gentoo.org/glsa/202107-06 • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3565 – tpm2-tools: fixed AES wrapping key in tpm2_import
https://notcve.org/view.php?id=CVE-2021-3565
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality. Se ha encontrado un fallo en tpm2-tools en versiones anteriores a 5.1.1 y versiones anteriores a la 4.3.2. La función tpm2_import usaba una clave AES fija para el contenedor inner, permitiendo potencialmente a un atacante MITM desenvolver la parte interna y revelar la clave que está siendo importada. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos A flaw was found in tpm2-tools. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. • https://bugzilla.redhat.com/show_bug.cgi?id=1964427 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ESY6HRYUKR5ZG2K5QAJQC5S6HMKZMFK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XK5M7I66PBXSN663TSLAZ3V6TWWFCV7C https://access.redhat.com/security/cve/CVE-2021-3565 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2021-3551 – pki-server: Dogtag installer "pkispawn" logs admin credentials into a world-readable log file
https://notcve.org/view.php?id=CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality. Se ha encontrado un fallo en el servidor PKI, donde el comando spkispawn, cuando es ejecutado en modo de depuración, almacena las credenciales de administrador en el archivo de registro de la instalación. Este fallo permite a un atacante local recuperar el archivo para obtener la contraseña de administrador y alcanzar privilegios de administrador en el administrador de Dogtag CA. • https://bugzilla.redhat.com/show_bug.cgi?id=1959971 https://access.redhat.com/security/cve/CVE-2021-3551 • CWE-312: Cleartext Storage of Sensitive Information •